So I'm getting a lot of attacks from different ip addresses from t-dialin.net similar to what I posted above. What I want to know is how can I find out all of the t-dialin.net ip pools so I can drop them all using iptables?
the address space is owned by Deutsche Telekom AG.
Its dialup address space, ripe netname is DTAG-DIAL[number]
e.g. DTAG-DIAL1 http://www.ripe.net/perl/whois?form_...ext=DTAG-DIAL1
if you want to block all dialup ipranges from this provider, ripe dtag-dial1 till dial18 and use iptables with -j DROP or REJECT option.
Originally posted by BootsSiR Yeah, I was thinking that. I hate blocking entire ISP's but I also like to take a proactive approach when protecting my servers.
A few T-dialin users seem to be spoiling the service for the rest of the population all over the internet. A smallish amount of users on T-dialin have been abusing QuakeNET (world's largest IRC network) and got the entire domain banned.